Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/6fb7e6-04c0-4361-94c0-7331bf207f4d/1/v-DfpxyzzKxt20fKpcz-d2vnkjE.roa
File: v-DfpxyzzKxt20fKpcz-d2vnkjE.roa (raw, json)
Hash identifier: bVMoY+WNqxOIWzjaGvX9XGjb85s1gnx8ahnPJ/Q8OBY=
Subject key identifier: BF:E0:DF:A7:1C:B3:CC:AC:6D:DB:47:CA:A5:CC:FE:77:6B:E7:92:31
Certificate issuer: /CN=63cbfcda1dc09d88b3af5cef90da0162fda374b4
Certificate serial: 019D5CDFD94729B0AF089D7C2B65030DC1C7
Authority key identifier: 63:CB:FC:DA:1D:C0:9D:88:B3:AF:5C:EF:90:DA:01:62:FD:A3:74:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y8v82h3AnYizr1zvkNoBYv2jdLQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/6fb7e6-04c0-4361-94c0-7331bf207f4d/1/v-DfpxyzzKxt20fKpcz-d2vnkjE.roa
Signing time: Sun 05 Apr 2026 09:01:07 +0000
ROA not before: Sun 05 Apr 2026 09:01:07 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44128
IP address blocks: 2.58.124.0/23 maxlen: 23
2.58.126.0/23 maxlen: 23
5.181.252.0/23 maxlen: 23
5.181.254.0/23 maxlen: 23
45.86.39.0/24 maxlen: 24
45.86.180.0/23 maxlen: 23
45.86.182.0/23 maxlen: 23
89.223.76.0/23 maxlen: 23
89.223.78.0/23 maxlen: 23
185.153.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/6fb7e6-04c0-4361-94c0-7331bf207f4d/1/Y8v82h3AnYizr1zvkNoBYv2jdLQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/6fb7e6-04c0-4361-94c0-7331bf207f4d/1/Y8v82h3AnYizr1zvkNoBYv2jdLQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y8v82h3AnYizr1zvkNoBYv2jdLQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:5c:df:d9:47:29:b0:af:08:9d:7c:2b:65:03:0d:c1:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63cbfcda1dc09d88b3af5cef90da0162fda374b4
Validity
Not Before: Apr 5 09:01:07 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bfe0dfa71cb3ccac6ddb47caa5ccfe776be79231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6c:f8:ea:34:58:1e:90:55:35:0e:cd:d9:ea:
af:46:6a:be:26:64:81:e9:b3:c6:5a:86:08:23:1f:
83:03:2d:8d:7d:40:09:97:55:ee:61:6a:0f:a5:ee:
ca:ea:2e:a6:fe:d4:1c:50:02:72:07:a3:cf:86:3d:
57:5d:c2:5e:cd:6d:42:e4:ac:3c:8e:1f:8d:69:96:
09:ff:8b:61:8f:82:2b:73:62:9e:1d:e3:14:75:9b:
a9:c0:05:31:a2:78:77:bb:83:78:65:1b:cd:8d:2d:
92:9a:76:81:52:f3:55:1f:a0:ab:a7:ad:bb:03:6e:
7b:1b:5d:6b:52:57:d4:22:d9:9e:bd:38:95:e8:6c:
bb:33:ea:8f:0b:be:45:6e:e3:90:c5:b2:7f:19:52:
24:ad:bb:83:34:ac:07:72:17:be:de:11:0a:da:32:
b4:52:86:c0:26:69:c2:47:39:20:f6:75:1d:83:a3:
ec:db:87:c9:06:7b:7f:74:ba:c7:b8:c5:24:e1:3a:
85:76:36:08:68:0a:fe:98:57:f6:34:34:5a:01:98:
a1:8c:79:0e:07:6d:4a:69:8c:79:1e:11:4b:5b:02:
c9:fd:22:3d:cc:db:82:27:86:c8:22:79:65:46:81:
54:7e:2c:7b:81:eb:05:21:3e:a6:da:70:e9:9c:2f:
a7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E0:DF:A7:1C:B3:CC:AC:6D:DB:47:CA:A5:CC:FE:77:6B:E7:92:31
X509v3 Authority Key Identifier:
keyid:63:CB:FC:DA:1D:C0:9D:88:B3:AF:5C:EF:90:DA:01:62:FD:A3:74:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y8v82h3AnYizr1zvkNoBYv2jdLQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/6fb7e6-04c0-4361-94c0-7331bf207f4d/1/v-DfpxyzzKxt20fKpcz-d2vnkjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/6fb7e6-04c0-4361-94c0-7331bf207f4d/1/Y8v82h3AnYizr1zvkNoBYv2jdLQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
5.181.252.0/22
45.86.39.0/24
45.86.180.0/22
89.223.76.0/22
185.153.94.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:26:dd:69:90:df:19:b6:ad:63:c2:1f:45:1f:e8:58:31:33:
da:bd:11:c8:64:78:65:f3:34:9e:d3:6c:eb:97:56:33:38:0f:
5b:86:c9:27:19:8b:af:5d:69:3a:87:3e:f3:c9:1f:74:9a:b3:
0c:64:a7:67:ea:9a:23:1e:d4:b6:81:60:68:a5:af:c9:8e:b0:
a1:2c:be:a7:e5:12:c2:42:d3:25:ae:d6:9c:34:5a:d2:e9:79:
34:20:fb:ef:92:0f:9e:10:a8:e4:56:7c:c3:6e:3c:9a:c8:49:
86:c9:40:0c:4b:b7:57:17:11:cc:ad:12:48:be:08:44:66:db:
fb:8b:49:d2:e6:b0:8f:72:4d:77:84:a4:8d:54:18:e5:09:6f:
29:94:24:31:29:51:77:9c:7c:4b:7a:9c:69:89:0b:60:0b:0d:
b9:ad:19:d5:d3:c2:36:80:8e:d3:5d:ec:cf:39:e7:36:bb:bb:
db:9d:79:60:6e:97:c7:60:0e:72:52:26:7a:0d:e4:92:b0:b1:
1c:f6:78:00:3d:07:16:20:b3:f4:49:42:44:50:de:be:6e:8a:
14:2f:8c:98:97:c2:ed:88:33:d9:78:ae:f4:7b:95:0d:dc:4f:
c6:64:4f:3a:50:bd:62:7f:f8:8c:cf:3b:85:c0:e3:1b:0a:50:
4a:81:a5:74
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ1c39lHKbCvCJ18K2UDDcHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzY2JmY2RhMWRjMDlkODhiM2FmNWNlZjkwZGEwMTYyZmRh
Mzc0YjQwHhcNMjYwNDA1MDkwMTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmUwZGZhNzFjYjNjY2FjNmRkYjQ3Y2FhNWNjZmU3NzZiZTc5MjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Gz46jRYHpBVNQ7N2eqvRmq+JmSB
6bPGWoYIIx+DAy2NfUAJl1XuYWoPpe7K6i6m/tQcUAJyB6PPhj1XXcJezW1C5Kw8
jh+NaZYJ/4thj4Irc2KeHeMUdZupwAUxonh3u4N4ZRvNjS2SmnaBUvNVH6Crp627
A257G11rUlfUItmevTiV6Gy7M+qPC75FbuOQxbJ/GVIkrbuDNKwHche+3hEK2jK0
UobAJmnCRzkg9nUdg6Ps24fJBnt/dLrHuMUk4TqFdjYIaAr+mFf2NDRaAZihjHkO
B21KaYx5HhFLWwLJ/SI9zNuCJ4bIInllRoFUfix7gesFIT6m2nDpnC+nyQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL/g36ccs8ysbdtHyqXM/ndr55IxMB8GA1UdIwQY
MBaAFGPL/NodwJ2Is69c75DaAWL9o3S0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTh2ODJoM0FuWWl6cjF6dmtOb0JZdjJqZExRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny82ZmI3ZTYtMDRjMC00MzYxLTk0YzAt
NzMzMWJmMjA3ZjRkLzEvdi1EZnB4eXp6S3h0MjBmS3Bjei1kMnZua2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny82ZmI3ZTYtMDRjMC00MzYxLTk0YzAtNzMzMWJmMjA3ZjRk
LzEvWTh2ODJoM0FuWWl6cjF6dmtOb0JZdjJqZExRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCAjp8AwQC
BbX8AwQALVYnAwQCLVa0AwQCWd9MAwQAuZleMA0GCSqGSIb3DQEBCwUAA4IBAQCn
Jt1pkN8Ztq1jwh9FH+hYMTPavRHIZHhl8zSe02zrl1YzOA9bhsknGYuvXWk6hz7z
yR90mrMMZKdn6pojHtS2gWBopa/JjrChLL6n5RLCQtMlrtacNFrS6Xk0IPvvkg+e
EKjkVnzDbjyayEmGyUAMS7dXFxHMrRJIvghEZtv7i0nS5rCPck13hKSNVBjlCW8p
lCQxKVF3nHxLepxpiQtgCw25rRnV08I2gI7TXezPOec2u7vbnXlgbpfHYA5yUiZ6
DeSSsLEc9ngAPQcWILP0SUJEUN6+booUL4yYl8LtiDPZeK70e5UN3E/GZE86UL1i
f/iMzzuFwOMbClBKgaV0
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:29:36 2026 by rpki-client